... | ... | @@ -58,11 +58,12 @@ Extending this to DNS and DNS servers, scoring should assume that: |
|
|
* N - None - matching allow-query (and friends) is not "privileges", not even for an attack that must be performed over TCP
|
|
|
* L - Low - the attacker has some privileges, but is not an admin. Some DNS specific examples:
|
|
|
* has XFR privileges for one or more zones the target server is authoritative for
|
|
|
* has a key for rndc that allows only read-only operations
|
|
|
* has credentials that BIND can validate using GSSAPI
|
|
|
* knows the secret for any configured key
|
|
|
* H - High - attacker must have admin privileges over the target system. Besides the official admins, we also include:
|
|
|
* H - High - attacker must have administrative privileges on the target system or access via an administrative channel that needs to be explicitly configured by the operator, e.g.:
|
|
|
* is primary for a zone that the target system is secondary for (covers both RPZ and catz in addition to normal zones)
|
|
|
* has access to an `rndc` key configured for a given `named` instance
|
|
|
* has access to the statistics channel configured for a given `named` instance
|
|
|
|
|
|
### User Interaction (UI)
|
|
|
|
... | ... | |
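Review bot: the High bullet "has access to an `rndc` key configured for a given `named` instance" overlaps with two Low bullets that remain in this hunk, "has a key for rndc that allows only read-only operations" and "knows the secret for any configured key", so a holder of a read-only rndc key can be scored as either L or H. Suggest qualifying the High bullet, for example to an `rndc` key that permits more than read-only operations, and narrowing "any configured key" in the Low list so that it does not also cover rndc keys. As a style point, the Low list writes rndc without backticks while the High list uses `rndc` and `named`; pick one form for the whole section.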